Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/PPTZhzRhwS3cnHuDL5wK7_QKNSE.roa
File: PPTZhzRhwS3cnHuDL5wK7_QKNSE.roa (raw, json)
Hash identifier: FfhEFAmDSHgamNzoP944vOZxv9Jc/k4EO/i01UB05TE=
Subject key identifier: 3C:F4:D9:87:34:61:C1:2D:DC:9C:7B:83:2F:9C:0A:EF:F4:0A:35:21
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018E56D6DBF1EFFF8419E421C21C3C07685B
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/PPTZhzRhwS3cnHuDL5wK7_QKNSE.roa
Signing time: Tue 19 Mar 2024 13:11:45 +0000
ROA not before: Tue 19 Mar 2024 13:11:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 5.182.114.0/24 maxlen: 24
77.242.159.0/24 maxlen: 24
88.151.63.0/24 maxlen: 24
88.209.203.0/24 maxlen: 24
88.209.229.0/24 maxlen: 24
88.209.230.0/24 maxlen: 24
88.209.232.0/24 maxlen: 24
88.209.233.0/24 maxlen: 24
88.209.234.0/24 maxlen: 24
88.209.235.0/24 maxlen: 24
88.209.255.0/24 maxlen: 24
92.52.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 14:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:56:d6:db:f1:ef:ff:84:19:e4:21:c2:1c:3c:07:68:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Mar 19 13:11:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cf4d9873461c12ddc9c7b832f9c0aeff40a3521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:51:a9:b0:0a:e0:bf:83:69:34:8b:36:b6:33:
25:cc:13:99:6d:b8:9f:40:f2:ab:16:38:fb:1d:11:
cd:8f:c5:66:e9:a5:14:b6:40:5f:d1:8b:5e:1b:c4:
54:17:79:4b:92:05:61:68:99:55:ad:0c:f2:ac:5b:
3c:a6:0c:9d:96:45:be:51:51:b4:8a:95:70:7f:86:
37:c8:12:8d:a9:8c:ac:a3:03:fb:3b:c3:a3:f1:9e:
4a:e7:af:f0:dd:7f:ff:a5:1a:55:15:af:cb:32:2e:
d5:4d:96:f5:4b:8d:9e:97:ce:06:bd:7c:47:44:de:
45:b3:fb:ed:fd:4d:fd:d8:59:75:c6:af:e2:11:a3:
c0:02:87:3e:3f:81:ef:e3:e6:be:c6:92:c8:13:71:
73:ce:d6:54:24:cf:e1:52:31:88:5b:b1:c4:3d:79:
23:05:f1:7d:fe:22:83:21:fb:1b:2f:e7:6f:15:59:
f3:fe:64:80:e3:34:67:0e:8f:52:af:69:7f:3d:4e:
1d:a5:f5:19:00:ac:3a:8d:10:10:dd:50:ba:64:e3:
e4:b9:58:7b:ed:f9:f2:20:4d:e8:58:eb:42:f7:f3:
ec:af:bf:fc:ac:3c:25:10:74:dc:0c:42:e7:b1:a6:
7d:af:cc:a6:5a:a7:7c:1d:a1:2b:55:4a:d0:3d:ee:
85:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:F4:D9:87:34:61:C1:2D:DC:9C:7B:83:2F:9C:0A:EF:F4:0A:35:21
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/PPTZhzRhwS3cnHuDL5wK7_QKNSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.114.0/24
77.242.159.0/24
88.151.63.0/24
88.209.203.0/24
88.209.229.0-88.209.230.255
88.209.232.0/22
88.209.255.0/24
92.52.214.0/24
Signature Algorithm: sha256WithRSAEncryption
32:db:bc:6e:ec:0a:ba:3b:66:c7:aa:9c:99:2a:d4:d4:00:83:
d3:eb:59:cc:d0:7f:2f:ab:a7:0c:d3:8c:42:fa:f1:84:59:d1:
b8:1a:f1:ac:59:b6:c5:9e:b1:08:07:2d:11:f5:11:3f:97:37:
fc:86:4a:08:a7:3c:76:c6:da:cd:b2:db:5f:d9:42:d7:89:25:
ff:f1:22:72:5c:3e:27:87:4b:8b:c4:4c:e6:f8:ae:f8:f2:12:
cf:52:02:b2:08:1e:1b:34:4e:4f:cb:b7:9a:47:5c:1d:bb:40:
a8:06:62:78:d7:fb:c9:d8:0c:c5:c3:c1:ce:0e:96:34:18:0c:
d9:63:5a:0d:04:6c:63:0a:d0:8c:b7:07:62:cb:46:58:d5:e7:
3c:91:eb:e3:9e:42:48:e7:55:19:89:71:cc:c8:b6:32:9c:3a:
5f:80:f3:34:98:b4:db:a9:e8:d5:aa:80:70:62:3a:8f:80:d6:
86:ff:02:da:fb:dc:cc:fa:b0:30:ff:30:4f:ab:2c:fd:7a:b1:
46:51:82:8f:1f:db:37:a5:75:b7:d0:51:9c:98:6b:7f:25:93:
a7:41:13:ab:70:75:38:05:72:c6:27:02:2b:07:d3:14:20:05:
76:6b:a3:01:b7:1a:b1:11:29:25:d7:de:a0:3c:51:33:e9:dd:
69:26:ee:a9
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY5W1tvx7/+EGeQhwhw8B2hbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMzE5MTMxMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2Y0ZDk4NzM0NjFjMTJkZGM5YzdiODMyZjljMGFlZmY0MGEzNTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFGpsArgv4NpNIs2tjMlzBOZbbif
QPKrFjj7HRHNj8Vm6aUUtkBf0YteG8RUF3lLkgVhaJlVrQzyrFs8pgydlkW+UVG0
ipVwf4Y3yBKNqYysowP7O8Oj8Z5K56/w3X//pRpVFa/LMi7VTZb1S42el84GvXxH
RN5Fs/vt/U392Fl1xq/iEaPAAoc+P4Hv4+a+xpLIE3FzztZUJM/hUjGIW7HEPXkj
BfF9/iKDIfsbL+dvFVnz/mSA4zRnDo9Sr2l/PU4dpfUZAKw6jRAQ3VC6ZOPkuVh7
7fnyIE3oWOtC9/Psr7/8rDwlEHTcDELnsaZ9r8ymWqd8HaErVUrQPe6F5wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFDz02Yc0YcEt3Jx7gy+cCu/0CjUhMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvUFBUWmh6Umh3UzNjbkh1REw1d0s3X1FLTlNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQABbZyAwQA
TfKfAwQAWJc/AwQAWNHLMAwDBABY0eUDBABY0eYDBAJY0egDBABY0f8DBABcNNYw
DQYJKoZIhvcNAQELBQADggEBADLbvG7sCro7ZseqnJkq1NQAg9PrWczQfy+rpwzT
jEL68YRZ0bga8axZtsWesQgHLRH1ET+XN/yGSginPHbG2s2y21/ZQteJJf/xInJc
PieHS4vETOb4rvjyEs9SArIIHhs0Tk/Lt5pHXB27QKgGYnjX+8nYDMXDwc4OljQY
DNljWg0EbGMK0Iy3B2LLRljV5zyR6+OeQkjnVRmJcczItjKcOl+A8zSYtNup6NWq
gHBiOo+A1ob/Atr73Mz6sDD/ME+rLP16sUZRgo8f2zeldbfQUZyYa38lk6dBE6tw
dTgFcsYnAisH0xQgBXZrowG3GrERKSXX3qA8UTPp3Wkm7qk=
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:33:18 2024 by rpki-client on console-ams.rpki-client.org